3.12.5.1.5 Proxy Preauthentication for Active Clients
This operation processes a request for authentication, and returns a proxy token as described in section 3.13.5.1 upon success.<15>
The operation is transported by a HTTP POST and can be invoked through the following URI:
-
adfs/proxy/relyingpartytoken?api-version=1
The response message for this operation can result in the following status codes.
|
Status code |
Description |
|---|---|
|
200 |
The operation has succeeded. |
|
400 |
The request is not valid. |
|
401 |
Unauthorized for client TLS certificate. |
|
405 |
Invalid verb used in request (GET, DELETE, PUT). |
|
500 |
Internal error. |
|
501 |
The version specified (api-version) is invalid. The only valid value is 1. |
For this operation, the server requires authenticating the proxy using client TLS authentication [RFC2246]. The server MUST validate that the certificate that is presented by the proxy during client TLS authentication can be validated by one of the values of [Server State].ProxyTrustedCertificates. If the certificate cannot be validated, the server MUST return an HTTP error code of 401.